Feature Request: Add different Exception Types for different errors

[Sebi2020]

Currently it's really difficult to handle different OpenID errors because the library uses only one exception class. Additionally it does not use exception codes thus requireing the developer to do string matching to actually figure out which error caused the exception.

Please introduce exception codes or different exception classes for different exceptions.

[huchim]

• Require the CURL and JSON PHP extensions to be installed:
  • OpenIDConnect needs the CURL PHP extension.
  • OpenIDConnect needs the JSON PHP extension.
• Do a preemptive check to see if the provider has thrown an error from a previous redirect: Error: xxxxx Description: lorem ipsum
• Throw an error if the server returns one:
  • $token_json->error_description)
  • 'Got response: ' . $token_json->error
• Do an OpenID Connect session check: Unable to determine state
• User did not authorize openid scope.: User did not authorize openid scope.
• Verify the signature:
  • Unable to verify signature due to no jwks_uri being defined
  • Unable to verify signature
    • Error token is not a string
    • Error missing part 0 in token
    • Error decoding signature from token
    • Error decoding JSON from token header
    • Error decoding JSON from jwks_uri
    • Error missing signature type in token header
    • No support for signature type
  • Unable to verify JWT claims
• If the configuration value is not available: The provider {$param} could not be fetched. Make sure your provider has a well known configuration available.
• Random token generation failed: Random token generation failed.
• get_key_for_header():
  • Unable to find a key for (algorithm, kid)
  • Unable to find a key for RSA
• verifyRSAJWTsignature():
  • Crypt_RSA support unavailable.
  • Malformed key object
• verifyHMACJWTsignature(): hash_hmac support unavailable.
• requestUserInfo(): The communication to retrieve user data has failed with status code
• fetchURL(): Curl error: (XXXX)
• getIssuer(): The issuer has not been set
• getProviderURL: The provider URL has not been set
• register():
  • Error registering: JSON response received from the server was invalid.
  • $json_response->{'error_description'}
  • Error registering: Please contact the OpenID Connect provider and obtain a Client ID and Secret directly from them

I could suggest to consider "provider exceptions", "validation exceptions", "server exceptions", "network exception" and left "generics exceptions" as OpenIDConnectClientException

• OpenIDConnectProviderException
• OpenIDConnectValidationException
• OpenIDConnectNetworkException
• OpenIDConnectServerException

Maybe a static method:

private static function throws(Throwable $exception) {
    throw new OpenIDConnectClientException('Errror', 0, $exception);
}

private function foo() {
   self::throw(new OpenIDConnectProviderException('Unable to determine state');
}

[Sebi2020]

I want to add that meaninigful error codes should be provided as well.

[huchim]

I'm coming from Code Triage and I'm not the repo owner, but I can creates a new PR and ask to owner if he is agree with change.

cc: @jumbojett